Message-Id: <20150830125854.D2A876C0065@smtpvmsrv1.mitre.org>
Date: Sun, 30 Aug 2015 08:58:54 -0400 (EDT)
From: cve-assign@...re.org
To: pcheng@....com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request: vorbis-tools: buffer overflow in aiff_open()

> Affected Version: <= Revision 19495
> I was testing with vorbis-tools-1.4.0
> https://wiki.xiph.org/Vorbis-tools
> An issue was found in oggenc/audio.c when it tries to open an invalid AIFF file.
>
> 274 if(fread(buffer,1,len,in) < len)
> The input buffer and length can be controlled by the user indirectly via:
>
> 260 if(!find_aiff_chunk(in, "COMM", &len))
> oggenc aiff_open buffer overflow
> https://trac.xiph.org/ticket/2212

Use CVE-2015-6749.

--
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
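The report quoted above turns on a chunk length taken from the file being passed straight to fread(). The following is an added example, not vorbis-tools code or its patch, showing a COMM reader that bounds that length before reading; find_chunk, read_comm, check_sample and the 64-byte COMM_MAX cap are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define COMM_MIN 18u /* fixed AIFF COMM fields: 2 + 4 + 2 + 10 bytes */
#define COMM_MAX 64u /* cap assumed for this example only */

/* Scan chunks (8-byte header, even-padded body) for `type`; store its length. */
static int find_chunk(FILE *in, const char *type, uint32_t *len)
{
    unsigned char h[8];
    while (fread(h, 1, 8, in) == 8) {
        *len = (uint32_t)h[4] << 24 | (uint32_t)h[5] << 16 | (uint32_t)h[6] << 8 | h[7];
        if (memcmp(h, type, 4) == 0)
            return 1;
        if (*len > 0x7ffffffeu || fseek(in, (long)(*len + (*len & 1u)), SEEK_CUR))
            return 0; /* absurd length or unseekable: stop scanning */
    }
    return 0;
}

/* Returns the COMM length, or -1 if it is missing, short, oversized or truncated. */
int read_comm(FILE *in, unsigned char out[COMM_MAX])
{
    uint32_t len;
    /* len comes from the file: bound it on both sides before fread(). */
    if (!find_chunk(in, "COMM", &len) || len < COMM_MIN || len > COMM_MAX)
        return -1;
    return fread(out, 1, len, in) == len ? (int)len : -1;
}

/* Constructed input: a COMM header declaring `declared` bytes, then `actual` zeros. */
int check_sample(uint32_t declared, size_t actual)
{
    static const unsigned char zeros[COMM_MAX];
    unsigned char out[COMM_MAX], h[8] = { 'C', 'O', 'M', 'M', declared >> 24,
                                          declared >> 16, declared >> 8, declared };
    FILE *f = actual <= sizeof zeros ? tmpfile() : NULL;
    int rc = -2; /* -2: the sample could not be built */
    if (f == NULL)
        return rc;
    if (fwrite(h, 1, sizeof h, f) == sizeof h && fwrite(zeros, 1, actual, f) == actual) {
        rewind(f);
        rc = read_comm(f, out);
    }
    fclose(f);
    return rc;
}

int main(void) { return check_sample(18, 18) == 18 ? 0 : 1; }
```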